A data privacy scandal involving Facebook and political consultancy firm Cambridge Analytica is costing the social networking giant £500,000 (approximately $664,000) in penalty issued by the UK's Information Commissioner’s Office (ICO). The fine is the maximum amount permitted under the country's legislation for such a violation.

The ICO said today that it first announced in July its intent to levy the fine following a comprehensive probe on the data practices of Facebook. The regulator concluded that the company allowed application developers to access the private data of its users between 2007 and 2014 without prior consent, even including those who did not install the app on their devices.

As a result of the company's failure to safeguard user data, Aleksandr Kogan and his firm GSR, collected the information of up to 87 million Facebook users across the world unlawfully. A portion of that treasure trove of information finally ended up in the hands of SCL Group, Cambridge Analytica's parent company, and was later used for political campaigns during the 2016 U.S. elections. It was not until 2018 that the social media company suspended the company behind the massive data harvesting.

Elizabeth Denham, the U.K.’s information commissioner, said in a statement:

Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better.